University’s internet exchange seen as hacker target

As the home of the hub for Hong Kong's internet traffic, Chinese University is regarded by local security experts as one of the prime targets in the city for cyber attacks by foreign agents.

The Hong Kong Internet Exchange, or HKIX, on the university's sprawling Sha Tin campus, neatly fits the description of a ‘network backbone’, which whistle-blower Edward Snowden says the US security services are targeting.

Snowden says the university is a key target for the US, although there is no evidence that the HKIX has been hacked.

Charles Mok, the lawmaker representing the information technology sector, said HKIX – which connects traffic sent by local internet service providers – could have been the Chinese University target Snowden was referring to in his interview with the South China Morning Post last Wednesday.

"It is the most convenient choice since it is the hub of all internet traffic within Hong Kong," he said. "But the attacks might not be traceable."

Set up in 1995, HKIX was designed to allow faster and easier local internet connections and avoid the need to use servers overseas. Essentially, it connects all of the city's internet traffic to a single infrastructure.

HKIX is operated by the Information Technology Services Centre affiliated with the university at sites on campus and in Kwai Chung.

The exchange serves almost 200 public and private organisations in Hong Kong and overseas, including the Office of the Government Chief Information Officer, as well as Google, Yahoo and Facebook, together with local fixed-line telecommunications and mobile broadband service providers.

HKIX also provides connections between the campus network and mainland and overseas research institutions, including the Chinese Science and Technology Network under the Chinese Academy of Sciences.

A spokesperson for the university said it had not detected any hacking in its network, which it said was "running normally".

"Every effort is made to protect the university's backbone network as well as the HKIX. They are closely monitored around the clock to ensure normal operation and defend against network threats," she said.

Leung Siu-cheong, consultant at the Computer Emergency Response Team Coordination Centre, or OGCIO, set up by the Productivity Council to help local organisations deal with computer security incidents, said it had contacted the university in the light of Snowden's allegation – but conceded it would be hard to follow up.

"The action of logging into one single webpage could generate hundreds of records," he said. "It is virtually impossible to know without details whether a specific attack has occurred."

While Snowden said the hacking also targeted public officials, the OGCIO, which oversees government IT infrastructure, said there had been no reported hacking incidents involving data leakage on its computer systems.

"We have enforced protection for critical systems, such as installing firewalls, anti-virus, intrusion detection and prevention systems, against security threats," a spokesperson said. "Information that is classified as 'confidential' should be encrypted on transmission."

Police in December created a cybersecurity centre under the commercial crime bureau to protect critical information systems in the city. The force said yesterday it could not comment on individual investigations.

Snowden said he believed the US National Security Agency had carried out 61,000 hacking operations around the world, including hundreds against targets in Hong Kong and on the mainland.

"We hack network backbones – like huge internet routers, basically – that give us access to the communications of hundreds of thousands of computers without having to hack every single one," he said. – South China Morning Post